Web Security
Above: a protocol sniffer for finding vulnerabilities in the network
https://securityonline.info/above-invisible-protocol-sniffer-for-finding-vulnerabilities-in-the-network/
https://github.com/wearecaster/Above
Nuclei template collection: supports security scanning and detection across different web applications and services
https://github.com/linuxadi/40k-nuclei-templates/
submonit88r: subdomain monitoring script
https://github.com/h0tak88r/submonit88r
honeypots-detection: open-source honeypot scanning
https://github.com/UnaPibaGeek/honeypots-detection
Java code obfuscation: hiding methods, fields, and code snippets
https://y4tacker.github.io/2023/12/22/year/2023/12/Hacking-FernFlower/
https://github.com/Y4tacker/HackingFernFlower
Internal Network Penetration
smbsocks: smbsocks extension for Sliver
https://tishina.in/ops/sliver-forward-pivoting
https://github.com/zimnyaa/smbsocks/
Endpoint Countermeasures
PrivescCheck: local privilege escalation discovery
https://github.com/itm4n/PrivescCheck
LOLBAS: StandaloneRunner
https://github.com/nasbench/Misc-Research/blob/main/LOLBINs/StandaloneRunner.md
Compilation of LOLBAS abuse related to remote monitoring and management tools
https://docs.google.com/spreadsheets/d/1G_pJ1H2yJeoLUnki6kibujUJ9445M_2hRTEm3kUCf0M
vs-shellcode: shellcode project template for Visual Studio
https://github.com/RtlDallas/vs-shellcode
EDRSilencer: detects and blocks EDR outbound traffic
https://github.com/netero1010/EDRSilencer
Nidhogg: multi-functional post-exploitation rootkit development library
https://github.com/Idov31/Nidhogg
CLR heap encryption: using the IHostMemoryManager interface to encrypt CLR-allocated memory during sleep
https://github.com/lap1nou/CLR_Heap_encryption
Ghidriff: Ghidra binary diffing engine
https://clearbluejar.github.io/posts/ghidriff-ghidra-binary-diffing-engine/
https://github.com/clearbluejar/ghidriff
Vulnerabilities
CVE-2023-51385: code execution in SSH ProxyCommand
https://vin01.github.io/piptagole/ssh/security/openssh/libssh/remote-code-execution/2023/12/20/openssh-proxycommand-libssh-rce.html
CVE-2023-50254: RCE in the default document viewer of Deepin Linux
https://github.com/febinrev/deepin-linux_reader_RCE-exploit
Kaspersky's complete analysis of the vulnerability chain used in the "Operation Triangulation" attack
https://securelist.com/operation-triangulation-the-last-hardware-mystery/111669/
Achieving 0-click RCE on the Outlook client using CVE-2023-35384 and CVE-2023-36710
https://www.akamai.com/blog/security-research/chaining-vulnerabilities-to-achieve-rce-part-one
https://www.akamai.com/blog/security-research/2023/dec/chaining-vulnerabilities-to-achieve-rce-part-two
Cloud Security
Data exfiltration using AWS services
https://airwalkreply.com/cloud-services-as-exfiltration-mechanisms?utm_source=cloudseclist.com&utm_medium=referral&utm_campaign=CloudSecList-issue-218
Social Engineering and Phishing
Comprehensive analysis of the Outlook attack surface
https://research.checkpoint.com/2023/the-obvious-the-normal-and-the-advanced-a-comprehensive-analysis-of-outlook-attack-vectors/
Other
Risk of introducing vulnerabilities when using LLMs for assisted development
https://arxiv.org/pdf/2308.03109.pdf
Bypassing GPT-4's safety mechanisms via its fine-tuning API
https://mp.weixin.qq.com/s?__biz=MzI4MDYzNzg4Mw==&mid=2247560124&idx=1&sn=a432320c5d52f8dbd0bc774d3c2bdf85&chksm=ebb6d368dcc15a7e80120a7de0525b5c2463b4a697a716fb5ab8c359b61b7a3c8cb91fd47ac6&mpshare=1&scene=1&srcid=1228GE9KHqzTvGjhlFGGYiWf&sharer_shareinfo=58e932eec7b3a9e655c3b2faaa09d6d4&sharer_shareinfo_first=58e932eec7b3a9e655c3b2faaa09d6d4&from=industrynews&version=4.1.16.6007&platform=win#rd
https://arxiv.org/pdf/2312.14302.pdf
Originally published on the WeChat official account (M01N Team): Weekly Blue Army Technical Digest (2023.12.23-12.29)